News
Vigil@nce: TYPO3, four vulnerabilities
March 2010 by Vigil@nce
An attacker can use four vulnerabilities of TYPO3, in order to obtain information, to create a Cross Site Scripting, or to bypass the authentication.
Severity: 2/4
Consequences: user access/rights, client access/rights, data
reading
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 4
Creation date: 23/02/2010
IMPACTED PRODUCTS
TYPO3
DESCRIPTION OF THE VULNERABILITY
Four vulnerabilities were announced in TYPO3.
An attacker with a valid login can generate a Cross Site Scripting on the backend. [severity:2/4]
An attacker with a valid login can use the sys_action task, in order to obtain information about other users. [severity:2/4]
When TYPO3 uses PHP as CGI, an attacker can generate a Cross Site Scripting on the frontend. [severity:2/4]
When the saltedpasswords extension is enabled, an attacker can authenticate if he knows a hashed password. [severity:2/4]
CHARACTERISTICS
Identifiers: BID-38366, TYPO3-SA-2010-004, VIGILANCE-VUL-9466
Url: http://vigilance.fr/vulnerability/T...
